Pegasus software and privacy

A number of EU Member States are suspected of spying using the (controversial) Pegasus software. That is why the European Parliament is going to set up a committee of enquiry.

The Dutch newspaper Financieel Dagblad wrote that the committee will investigate the use of the software by European governments. Hungary and Poland, for example, are said to have used/misused the software to spy on political oppositions and journalists.

On Friday, 11 February 2022, the Public Prosecutor of Bulgaria announced that the Bulgarian government will also be investigated for spying on its own citizens with the help of the software.

Investigation committee

Despite the fact that since last week (week 6), a majority has been reached in the European Parliament on the introduction of the investigative committee, no agreement has yet been reached on the mandate. MEP and CDA member Jeroen Lenaers has at least one question he wants answered. He wants to know exactly how the Member States have used the software and when they have done so.

Controlling

Lenaers also wants to know whether the Member States have sufficient control possibilities within the legal systems currently in place to combat such occurrences. A Hungarian lawyer announced during a hearing that spying on citizens is ‘simply’ permitted under Hungarian law. This is contrary to the fundamental human rights that serve as a pillar of the EU. The question is therefore whether there should be certain minimum requirements within the Union when it comes to the security of software.

Despite the criticism and indignation, the prevailing view is that software is not by definition bad. After all, software can also be a weapon for the Member States against increasing criminality. Lenaers therefore argues that the committee should investigate limiting such software to legal purposes. In addition, he argues that the use of the software should be regulated. If privacy is not protected, the chance of abuse is too great and Pegasus should be banned.

Ban on trade and use Israel

In America, NSO (the developer of Pegasus) is already on a so-called ‘blacklist’. As a result of this ban, US organisations are not allowed to trade with NSO or supply them with technology.

The company’s software is also under investigation in Israel, NSO’s home country. The police are said to have illegally used the software to hack into the phones of various (top) officials, entrepreneurs, journalists and demonstrators/activists.

Incidentally, this is not the first investigation into Pegasus in Israel. A parliamentary enquiry had already been launched as a result of the discoveries by Amnesty International and Forbidden Stories. They discovered last year in Paris that there was a group of people who were targeted by Pegasus espionage. These included French President Emmanuel Macron and the family of murdered Saudi journalist Jamal Khashoggi.

Next steps

The European Parliament does not have the power to hear people and/or institutions under oath, nor can it oblige anyone to cooperate with an investigation. Yet MEPs such as Sophie in ‘t Veld see an opportunity. She sees the possibility of initiating cooperation with the US and Israel. In this cooperation, the exchange of information and Pegasus will remain in the foreground.

Do you have any questions about (international) privacy law, or IT and ICT law? Please feel free to contact one of the specialised lawyers of Fruytier Lawyers in Business, they will be happy to help you.